Hillary Clinton's credibility just took another hit in email flap

Former US Secretary of State Hillary Clinton during a news conference at the United Nations in New York on March 10. REUTERS/Lucas Jackson Former Secretary of State Hillary Clinton's staff also used personal emails to conduct state business, possibly contradicting assurances that her team's communications took place on government servers.

The New York Times reported on Monday that Clinton, the Democratic presidential front-runner in 2016, emailed her top aides on their private email accounts when discussing the attack on the diplomacy facility in Benghazi, Libya.

"Did we survive the day?" Clinton wrote to a close adviser after being grilled by House Republicans about the 2012 incident.

The report casts new doubts on whether Clinton was being entirely truthful when she said the "vast majority" of her emails intentionally included a State Department address to ensure they were captured by government servers.

Clinton made that claim two weeks ago at a chaotic news conference in which she repeatedly insisted she did nothing wrong by exclusively using a personal email server as secretary of state. Critics accuse Clinton of trying to avoid the official disclosure process. According to The Times, this practice also violated federal guidelines.

Additionally, the report raises questions about the security of Clinton's emails, which could have been made even more vulnerable by including the personal emails of her aides. Experts previously told Business Insider that Clinton's email practice raised security concerns about whether the messages traveled over the unencrypted public internet.

"There is no way to be truly secure," Alex McGeorge, senior security researcher at Immunity Inc., told Business Insider. "But the State Department at least has teams whose job it is to detect a hack as soon as it happens — there is no indication so far that Hillary [Clinton] had this kind of active defense."

Clinton's team said the security "of her family's electronic communications was taken seriously from the onset when it was first set up for President Clinton's team.

"While the curiosity in the specifics of this set up is understandable, given what people with ill intentions can do with such information in this day and age, there are concerns about broadcasting specific technical details about past and current practices. However, suffice it to say, robust protections were put in place and additional upgrades and techniques employed over time as they became available, including consulting and employing third party experts."

At her news conference, Clinton maintained that her "@clintonemail.com" account was perfectly secure, showed no signs of a breach, and was physically guarded by the Secret Service.

Clinton during her March 10 news conference at the UN. REUTERS/Mike Segar Experts immediately questioned her assertions.

"There have been times when I've hacked into a customer's server, collected data, and gotten out, and the customer never had any indication that their system had been compromised," ethical hacker David Chronister of Parameter Security told Business Insider.

"There's this misconception that if someone is attacked, they'll know right away, but unless the hacker really screws up, the target won't know until it's too late."

In a statement to The Times, Clinton spokesman Nick Merrill acknowledged that Clinton's staff members occasionally used their personal emails for their State Department work. But he said such incidences were rare.

"Their practice [was] to primarily use their work email when conducting state business," Merrill said, "with only the tiniest fraction of the more than 1 million emails they sent or received involving their personal accounts."